Perhaps he could make the stored procedure functional by creating a user
with the EXECUTE permission (somebody please fell free to correct me if I am
mistaken) if it is to be used to execute a stored procedure. You don't want
someone to attempt using the 'root' username with a typical 'mysql' password
to be granted ALL PRIVILEGES. Just my opinion.
On Wed, Aug 17, 2011 at 9:54 AM, Johnny Withers <johnny@stripped>wrote:
> It would allow anyone from anywhere to access your server as root with full
> access to all databases using the password 'mysql'. Not very secure. I
> don't
> recommend having a root@% defined.
>
> On Aug 17, 2011 8:50 AM, "Brent Clark" <brentgclarklist@stripped> wrote:
>
> Hiya
>
> Thank you so much for replying. I really appreciate it.
>
> I know the answer (well I think I do :) ), but im still going to ask. What
> is the risk if do the "GRANT ALL PRIVILEGES ON *.* TO 'root'@'%'
> IDENTIFIED
> BY 'mysql' WITH GRANT OPTION;"
> To satisfy the developer.
>
> Thank you again.
> Brent
>
>
>
> On 17/08/2011 15:42, Johnny Withers wrote:
>
> > >
> > >
> > > Change the definer to one of your registered root accounts. Root@127or
> > root@localhost.
> > >
> >
> > >> On Aug 17, 2011 8:39 AM, "Brent Clark" <brentgclarklist@stripped> <mailto:
> > brentgclarklist@stripped...
> >
>

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.